Symantec report: 'Political' cyberattacks hit half of large companies

Ellen Mesmer |
Oct. 6, 2010

Terrorist or state-sponsored incursions aimed at stealing information or bringing down networks are among those listed.

FRAMINGHAM, MA, USA, OCTOBER 5, 2010 When asked if their enterprises had been hit by "politically minded attacks" that could include terrorist or state-sponsored cyberattacks aimed at stealing sensitive inform or bringing down the network, half of the IT managers at 1,580 enterprises worldwide answered they thought that had happened to them.

That's one finding in the "Symantec 2010 Critical Infrastructure Protection Study," which asked IT managers around the world, in industries ranging from banking and finance to energy, healthcare, IT and emergency services, their opinions on whether they thought their businesses had come under cyberattacks that might have a distinct political motivation.

Fifty-three percent of the survey respondents said they "suspected or were pretty sure" that they had experienced "an attack waged with a political goal in mind.

These types of attacks ranged from attempts to steal electronic information, manipulate physical equipment through taking control of the network and attempts to just shut down the network. These types of attempts were thought to have occurred about 10 times in the past five years, on average, and three out of five attacks were viewed as effective. The cost to respond and mitigate against the attacks cost each of them on average about US$850,000 over the course of five years, according to the survey.

Symantec CISO Justin Somaini says the survey, conducted by Applied Research, sought not to colour the answers of respondents with checkbox-like choices but to learn about the experiences of these 1,580 enterprises in a five-year period related to any attacks that appear to have a political purpose.

The types of enterprises chosen for the survey were those generally considered to fall within what's often called "critical infrastructure", such as energy and banking. The survey also sought to understand whether enterprises are motivated to participate in their country's critical-infrastructure protection programmes.

"Cyberattacks have been a fact of life for companies for decades," the Symantec 2010 Critical Infrastructure Protection Study states. "But there exists a special class of attack: cyberattacks that are initiated by terrorists or foreign governments with specific political goals in mind."

In the survey, one IT director of an energy company is quoted as saying, "We've had people attempt to break in and retrieve documentation, especially the shared material between the oil companies in our own library. We had to take some dramatic action to cut them off."

As to whether the enterprises that participated in the Symantec survey were motivated to work with the critical infrastructure protection programmes that their government might have, 66 percent said they were "somewhat or completely willing" to cooperate with the government on critical infrastructure programmes.